Rejected queries for mx???

Chris Adams cmadams at
Wed Jan 19 20:28:41 UTC 2011

Once upon a time, Phil Mayers  <p.mayers at> said:
>On the subject of rejected queries - although this isn't a bind question 
>per-se, I'm curious if anyone else here sees a lot of these:
>client view main: query (cache) 
>'' denied
>We get *loads* of them to our authoritative resolvers. I am assuming 
>they are attempts at cache poisoning given the (ahem) dubious 
>geographical origin of the queries (no offense intended to anyone living 
>in those parts of the world) but I can't see any corresponding inbound 
>forged DNS packets in our netflow.

Do you have domains listing as an MX?  I have
seen some broken resolvers that will do an MX lookup and then turn
around and do A lookups for the MX hosts at the same DNS server.

Chris Adams <cmadams at>
Systems and Network Administrator - HiWAAY Internet Services
I don't speak for anybody but myself - that's enough trouble.

More information about the bind-users mailing list